Recent deployments of programmable devices, such as field programmable gate arrays (FPGAs), as compute resources in data centers have raised security concerns. In typical usage, an application in a data center runs on top of a stack of hardware and software processes. The hardware can include a programmable device used for purposes of hardware acceleration, for example. A concern arises if a function in the programmable device can access other hardware directly, bypassing the software (e.g., an operating system, hypervisor, or the like). If the programmable device can intercept sensitive data and control physical memory locations, the programmable device can be used to compromise servers and potentially hijack the entire data center. Furthermore, if there is a requirement for the programmable device to pass data through the operating system/hypervisor (e.g., requiring the processor to manage all address translation), the performance and power advantages of the programmable device computation are drastically reduced.